A little help here..

[Roch_Greg]

Hello folks, I'm at my wits end trying to get this SecureClient/Remote thing running and hopefully someone here can figure this out. I've read the documentation from checkpoint and all the stuff I could find at this very useful site but the situation is no go.

System: CP-Express VPN-1 NGX-R65 - Policy Server installed and running, "dtps lic" shows unlimted licenses for Secure Client. Host OS is RHEL 3.x

Private NET: 10.1.0.0/16 (not my choice was handed down to me)

Network Map:

Private Net --- CP BOX --- Cisco Router ---- Public Net

Have configured Remote Access and Office mode by the book.

VPN Domain for Gateway: All Address behind Gateway
VPN Domain for Community: Network Group of Servers

Office mode IP address Assignment: I've tried using a pool (10.5.0.0/16) and also using the DHCP Server on the net.

In any case, when I try to connect over even a dial-up connection remotely Secure Client says "Error: Communication with Site x.x.x.x has failed"

Implied rules log shows fw1_topo but nothing else. Rules created in the Sec Policy don't even show up.

I've set up Remote Access clients before with different products and it wasn't that big of a deal but I admit I'm stumped here.

Thanks for Reading
Greg

[coldark]

Not sure what you mean by VPN Domain for Community. What kind of object did you use for this - do you mean a "Mesh" community object (if so that is not required at all).

Have you created the Remote Access Community in the VPN Manager Tab? this should be created with:

1) your FW selected in the Gateways Tab of the Remote Acces object
2) a User Group containing your users in the Users Tab of the same object.